Frankfurt am Main, Germany — On March 2, 2026, Link11 released its European Cyber Report, revealing an unprecedented rise in DDoS attacks throughout 2025. These attacks have escalated to become a persistent threat to digital infrastructure, marking a critical challenge for organizations across Europe.
Increasing Frequency and Intensity of DDoS Attacks
According to the report, the frequency of documented DDoS attacks within the Link11 network surged by 75% last year, following an already significant increase of 137% the previous year. This trend indicates a substantial and ongoing burden on both companies and critical infrastructures in the region.
Notably, terabit-scale attacks have become more common, with three major incidents exceeding 1 Tbit/s in 2025. The most significant of these attacks peaked at 1.33 Tbit/s, delivering over 120 million packets per second. A series of these coordinated assaults generated a data volume of 509 terabytes, equivalent to the daily internet usage of a medium-sized city.
Persistent and Evolving Attack Strategies
The duration of these attacks is also concerning, with the longest recorded incident lasting over eight days. In 2025, DDoS attacks were active for 88% of the year, effectively normalizing a state of emergency for affected systems. Furthermore, over 70% of initial attacks were followed by additional incidents, with an average of 2.8 follow-up attacks, marking an 80% increase from the previous year.
Link11’s CEO, Jens-Philipp Jung, emphasized the shift from sporadic disruptions to continuous strategic challenges. He stressed the necessity for permanent, automated resilience to withstand these attacks, highlighting the danger posed by modern DDoS campaigns, which now combine high bandwidth with tactical patience.
Adapting Security Measures for Modern Threats
In response to these evolving threats, the report advocates for a comprehensive approach to security that integrates both infrastructure and application-level protections. This includes Web Application & API Protection (WAAP), which is crucial for maintaining stability and predictability in digital operations.
Today’s sophisticated attacks often target Layer 7, mimicking legitimate traffic to degrade performance without triggering alerts. By employing network protection, behavior-based analysis, and AI-driven bot detection, organizations can enhance their cyber resilience and protect against revenue and reputation loss.
As digital availability becomes increasingly critical, the report underscores the need for always-on DDoS protection and the integration of DDoS scenarios into business continuity plans. Jung highlights that the ability to withstand constant cyber threats defines competitive advantage in the digital age.
Link11 positions itself as a leading IT security provider, offering cloud-based solutions to safeguard global infrastructures from cyber threats. The company is recognized for its high standards in data security, holding certifications such as PCI-DSS, SOC2 Type 2, C5, and ISO-27001.
